This specification relates to data leakage prevention.
The unauthorized distribution of confidential information, such as trade secrets, financial information, and other sensitive information can be protected by a number of security measures, such as access restrictions, password protection, and encryption techniques. While such security measures are often effective, confidential information that is subject to such measures can still be distributed inadvertently or surreptitiously. Such disclosures can be characterized as “data leaks.” For example, confidential information can be communicated by text in an e-mail message or an instant message; by attaching a document to an e-mail message; by accessing a company website over an unsecured network; and so on. Whether committed unintentionally or intentionally, the disclosure of confidential information by data leakage can cause financial harm, embarrassment, or other injury to a company or individual.
Instant messaging applications are particularly notorious for data leaks. In particular, instant messaging applications allow confidential information to be split into a series of instant messages with each independent instant message having no identifiable confidential information.
One solution for preventing data leakage through instant messaging systems is to block the ports on the network through which instant messaging applications communicate. However, this solution is problematic because instant messaging applications often provide productivity benefits and this solution results in the blocking of all instant messaging communication on the network. In addition, certain instant messaging protocols use common ports such as an HTTP port to negotiate ports to be used in instant messaging making port blocking ineffective.